[prev in list] [next in list] [prev in thread] [next in thread]
List: squid-cvs
Subject: /bzr/squid3/trunk/ r12329: Undo/uncommit the r12328 patch
From: Christos Tsantilas <chtsanti () users ! sourceforge ! net>
Date: 2012-09-25 13:46:57
Message-ID: 20120925135003.34298.qmail () squid-cache ! org
[Download RAW message or body]
--===============0598281698==
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
------------------------------------------------------------
revno: 12329
committer: Christos Tsantilas <chtsanti@users.sourceforge.net>
branch nick: trunk
timestamp: Tue 2012-09-25 16:46:57 +0300
message:
Undo/uncommit the r12328 patch
The documentation is wrong and should applied as separate patches
modified:
src/acl/FilledChecklist.h
src/client_side.cc
src/forward.cc
--===============0598281698==
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; name="r12329.diff"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
=== modified file 'src/acl/FilledChecklist.h'
--- a/src/acl/FilledChecklist.h 2012-09-25 13:42:54 +0000
+++ b/src/acl/FilledChecklist.h 2012-09-25 13:46:57 +0000
@@ -27,15 +27,14 @@
~ACLFilledChecklist();
public:
- /// The client connection manager
ConnStateData * conn() const;
- /// The client side fd. It uses conn() if available
+ /// uses conn() if available
int fd() const;
/// set either conn
void conn(ConnStateData *);
- /// set the client side FD
+ /// set FD
void fd(int aDescriptor);
//int authenticated();
=== modified file 'src/client_side.cc'
--- a/src/client_side.cc 2012-09-25 13:42:54 +0000
+++ b/src/client_side.cc 2012-09-25 13:46:57 +0000
@@ -2516,6 +2516,8 @@
ACLFilledChecklist check(Config.ssl_client.cert_error, request, dash_str);
check.sslErrors = new Ssl::Errors(SQUID_X509_V_ERR_DOMAIN_MISMATCH);
+ if (Comm::IsConnOpen(pinning.serverConnection))
+ check.fd(pinning.serverConnection->fd);
const bool allowDomainMismatch =
check.fastCheck() == ACCESS_ALLOWED;
delete check.sslErrors;
=== modified file 'src/forward.cc'
--- a/src/forward.cc 2012-09-25 13:42:54 +0000
+++ b/src/forward.cc 2012-09-25 13:46:57 +0000
@@ -214,12 +214,6 @@
assert(err);
errorAppendEntry(entry, err);
err = NULL;
-#if USE_SSL
- if (request->flags.sslPeek && request->clientConnectionManager.valid()) {
- CallJobHere1(17, 4, request->clientConnectionManager, ConnStateData,
- ConnStateData::httpsPeeked, Comm::ConnectionPointer(NULL));
- }
-#endif
} else {
EBIT_CLR(entry->flags, ENTRY_FWD_HDR_WAIT);
entry->complete();
@@ -375,6 +369,14 @@
ErrorState *anErr = new ErrorState(ERR_CANNOT_FORWARD, HTTP_INTERNAL_SERVER_ERROR, request);
fail(anErr);
} // else use actual error from last connection attempt
+#if USE_SSL
+ if (request->flags.sslPeek && request->clientConnectionManager.valid()) {
+ errorAppendEntry(entry, err); // will free err
+ err = NULL;
+ CallJobHere1(17, 4, request->clientConnectionManager, ConnStateData,
+ ConnStateData::httpsPeeked, Comm::ConnectionPointer(NULL));
+ }
+#endif
self = NULL; // refcounted
}
}
@@ -826,6 +828,7 @@
// The list is used in ssl_verify_cb() and is freed in ssl_free().
if (acl_access *acl = Config.ssl_client.cert_error) {
ACLFilledChecklist *check = new ACLFilledChecklist(acl, request, dash_str);
+ check->fd(fd);
SSL_set_ex_data(ssl, ssl_ex_index_cert_error_check, check);
}
--===============0598281698==--
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic